Shackleton’s Defence Against Cyber-Attacks

15

May

Written by Phil Eldridge, 15 May 2017

The Cyber-Attack on Friday has gathered a lot of press and for very good reason, as it has hit many high-profile organisations and is not over yet. However, it is by no means an isolated incident and in the last 18 months we have seen the number of attacks increasing dramatically.

Exactly What Happened?

In short, on Friday a new virus called “WannaCry” was released which took advantage of a security flaw in Microsoft’s Windows operating systems that was fixed back in March. However, many machines do not have this fix installed yet and are still vulnerable.

Once the virus gets onto your system it starts spreading through all the machines on your network affecting them all in turn. Its main aim is encrypting all your data so you cannot access it and then charge you a fee to decrypt it. Viruses of this type are known as ransomware that are mostly spread by malicious e-mails but can be stopped at several points before they infect your systems.

Shackleton's Best Practice Standards

Shackleton have been taking this threat seriously for some time and have developed a method of defending yourself that is called “defence in depth”. We have steadily been bringing all our clients up to our ’best practice’ standards.

The way it works is quite simple. We remove obvious security flaws and use industry leading products from various suppliers to protect your network. The aim is to give the virus multiple systems it must defeat before it can affect your computers:

Old unsupported Operating Systems like Windows XP or Server 2003 are removed from your network as they no longer receive security patches

All machines are patched automatically to bring them up to the latest Microsoft standards

We use a comprehensive antivirus system on all machines

All e-mails are scanned for viruses/malware before they enter your network

All traffic to the internet is scanned to make sure it is not going to a malicious source

We lock down your internet router to make sure that only allowed/expected data can come onto your network

We use a comprehensive backup system so, if the worst ever does happen, your data can be recovered.

How Did This Happen?

The machines affected in this attack were hit because they were running on older, unsupported or unpatched operating systems. However, this was completely avoidable had the correct precautions been in place.

It is an unfortunate sign of the times that all organisations, large and small, need to start taking Cyber Security seriously, if not the results can be devastating.

If you would like any additional information on how to protect your systems, please get in touch.